locked
How can I determine which process is making broadcast traffic? RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    It's simple to use a tool like Wireshark to see broadcast traffic coming from my machine.

    However, what tool is available to determine, on that machine, which actual process is generating the broadcast traffic?

    I've used NETSTAT in the past to see what processes have certain ports opened.  However, this doesn't help with broadcast traffic.

    My machine is sending out some traffic to 255.255.255.255 UDP, and I want to know which process is doing so.

    Thanks!

    Wednesday, July 11, 2012 8:09 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    I would recommend using Process Monitor from Sysinternals (Microsoft): http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

    It captures the activity of running processes on a machine, including network I/O.  You can combine with Process Explorer for best results.

    • Marked as answer by Mini Button Wednesday, July 11, 2012 8:19 PM
    Wednesday, July 11, 2012 8:13 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    I would recommend using Process Monitor from Sysinternals (Microsoft): http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

    It captures the activity of running processes on a machine, including network I/O.  You can combine with Process Explorer for best results.

    • Marked as answer by Mini Button Wednesday, July 11, 2012 8:19 PM
    Wednesday, July 11, 2012 8:13 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    I knew of Process Explorer, but not Process Monitor.  I feel embarrassed.  What an excellent recommendation!  Thank you, Neil!
    Wednesday, July 11, 2012 8:19 PM